[Pkg-freeradius-maintainers] Bug#880913: correct receiving of multiple RADIUS packets through RadSec
Jan Tomasek
jan at tomasek.cz
Sun Nov 5 15:41:35 UTC 2017
Package: freeradius
Version: 3.0.12+dfsg-5
Severity: important
Tags: patch
freeRADIUS v3 does have implementation bug. It isn't able to read more
than one packet from incoming TLS (RadSec) connection. The bug shows
more likely on large deployments and is able to make server completely
useless. That is why I'm setting Severity to important.
More detailed technical info is available here:
https://github.com/FreeRADIUS/freeradius-server/pull/2106
https://github.com/FreeRADIUS/freeradius-server/pull/2107
The attached patch is tested against official freeRAIDUS releases
3.0.12, 3.0.14, 3.0.15 and against Debian package
freeradius_3.0.12+dfsg-5 it fixes the problem and causes no harm.
Please is it possible to propagate this into Debian/Stretch?
Thanks
--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: read-multiple-packet-from-radsec.patch
Type: text/x-patch
Size: 1792 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-freeradius-maintainers/attachments/20171105/7db382ac/attachment.bin>
More information about the Pkg-freeradius-maintainers
mailing list